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DETAILED ACTION 

1 . This Office Action is a response to the Preliminary Amendment dated 03/01/02. 
Claims 32-89 are pending in the application. 

Claim Objections 

2. Claims 73 and 84 are objected to because of the following informalities: 

As per claim 73: 

Line 2, "patters" should read -pattern-. 

Line 4, "responsible to" should read -responsive to-. 
As per claim 83, line 1, "claims 32" should read -claim 73- to correct its 
dependency. 

Appropriate correction is required. 

Claim Rejections - 35 USC § 112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claim 87 recites the limitation "said sequence of access control specifiers" in line 2. 
There is insufficient antecedent basis for this limitation in the claim. 

Double Patenting 

The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. See In re Goodman, 1 1 
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F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Long/, 759 F.2d 887, 225 
USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 
1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970);and, In re Thorington, 
41 8 F.2d 528, 1 63 USPQ 644 (CCPA 1 969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321 (c) may be 
used to overcome an actual or provisional rejection based on a nonstatutory double 
patenting ground provided the conflicting application or patent is shown to be commonly 
owned with this application. See 37 CFR 1 .130(b). 

Effective January 1 , 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 

4. Claims 32-89 are rejected under the judicially created doctrine of obviousness-type 
double patenting as being unpatentable overclaims 1-31 of U.S. Patent No. 6,377,577. 
Although the conflicting claims are not identical, they are not patentably distinct from 
each other because: 

Claims 73-89 of the instant application call for a system claim that mirrored the 
method claims 1-31 of the '577 patent. 

Claims 1-31 of the '577 patent teaches essentially the same steps/means as 
claims 32-89 of the current application. Even though claims 32-89 are broadened by 
omitting certain limitation, i.e. {"maintaining a set of access control patterns in at least 
one associative memory' was omitted in claims 32-72), it has been held that the 
omission of an element and its function is an obvious expedient if the remaining 
elements perform the same function as before. In re Karlson, 136 USPQ 184(CCPA). 
Also note Ex parte Rainu, 168 USPQ 375 (Bd. App. 1969); omission of a reference 
element whose function is not needed would be an obvious variation. 
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In addition, a comparison of claims 32-72 of the instant application and claims 1- 
31 of the '577 patent a skilled artisan would have recognized the difference is a mere 
wording. Such difference is deemed to be obvious. 

Furthermore, there is no apparent reason why applicant was prevented from 
presenting claims corresponding to those of the instant application during prosecution of 
the application which matured into a patent. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 



5. Claims 32-43, 45-70 and 72 are rejected under 35 U.S.C. 102(b) as being 
anticipated by McAuley et al (USP 5,386,413) (hereinafter "McAuley"). 

Regarding claim 32, in accordance with McAuley reference entirety, McAuley 
discloses a method of processing a packet (Figure 5) comprising: 

matching one or more characteristics of said packet with one or more access 
control specifiers in at least one access control element (Figure 5; MASK CIRCUIT and 
col. 6, line 59 to col. 7, line 4)\ and 

processing said packet based on said matching (col. 7, lines 4-7). 



States. 
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Regarding claim 33, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said access control element is a 
content addressable memory (FIG. 5; CAM-1 or CAM-3). 

Regarding claim 34, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said matching and said 
processing is done in parallel (FIG. 5; CAM-1 -CAM-3). 

Regarding claim 35, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said characteristics of said packet 
comprises one or more of a source address, a destination address, a source port, a 
destination port, a protocol type, an input interface and an output interface (coA 5, line 
59 to col. 7, line 1). 

Regarding claim 36, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said characteristics of said packet 
comprises data carried by said packet in a packet header (col. 5, line 59 to col. 7, line 
1Y 

Regarding claim 37, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses receiving said packet (FIG. 5; 101). 

Regarding claim 38, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses identifying one or more of said access 
control specifiers based on said matching (coA 7, line 3). 

Regarding claim 39, in addition to features recited in claim 37 (see rationales 
discussed above), McAuley further discloses prioritizing said one or more of said access 
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control specifiers identified based on said matching to generate a set of prioritized 
access control specifiers (FIG. 5; 150 and col. 10, line 20). 

Regarding claim 40, in addition to features recited in claim 39 (see rationales 
discussed above), McAuley further discloses wherein said prioritizing is done in parallel 
by a priority encoder (FIG. 5; 150 and col. 7, line 8 to col. 10, line 45). 

Regarding claim 41 , in addition to features recited in claim 39 (see rationales 
discussed above), McAuley further discloses wherein said prioritizing is done based on 
an address of said access control specifiers in said access control element (FIG. 5; 150 
and col. 7, line 8 to col. 10, line 45). 

Regarding claim 42, in addition to features recited in claim 39 (see rationales 
discussed above), McAuley further discloses wherein said processing is done based on 
said set of prioritized access control specifiers (FIG. 5; 150 and col. 7, line 8 to col. 10, 
line 45). 

Regarding claim 43, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said processing further 
comprising: if said packet requires processing by a higher-level processor, forwarding 
said packet to said higher-level processor (FIG. 5; PORTB). 

Regarding claim 45, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses if said packet requires forwarding, 
forwarding said packet (FIG. 5; PORTB). 

Regarding claim 46, in accordance with McAuley reference entirety, McAuley 
discloses a system for processing a packet comprising: 
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an access control element, wherein said access control element is configured to 
store one or more access control specifiers (FIG. 5; CAM-1, CAM-2 or CAM-3)\ and 

a priority encoder coupled to said access control element, wherein said priority 
encoder is configured to prioritize in parallel said one or more access control specifiers 
matched with one or more characteristics of said packet {FIG. 5; 150). 

Regarding claim 47, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses wherein said priority encoder is further 
configured to prioritize said one or more access control specifiers matched with said 
one or more characteristics of said packet according to an address of said one or more 
access control specifiers in said access control element (FIG. 5; 150 and col. 7, line 8 to 
col. 10, line 45). 

Regarding claim 48, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses a compare unit coupled to said access 
control list, wherein said compare unit is configured to compare said one or more 
characteristics of said packet with one or more values (FIG. 5; MASK CIRCUIT) 

Regarding claim 49, in addition to features recited in claim 48 (see rationales 
discussed above), McAuley further discloses wherein said one or more values are 
predetermined (FIG. 5; LOAD) 

Regarding claim 50, in addition to features recited in claim 48 (see rationales 
discussed above), McAuley further discloses wherein said one or more values are 
dynamically determined (FIG. 5; LOAD) 
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Regarding claim 51, in addition to features recited in claim 48 (see rationales 
discussed above), McAuley further discloses wherein said compare unit is further 
configured to perform arithmetic operation on data carried by said packet in a packet 
header (FIG. 5; MASK CIRCUIT) 

Regarding claim 52, in addition to features recited in claim 48 (see rationales 
discussed above), McAuley further discloses wherein said compare unit is further 
configured to perform logical operation on said data carried by said packet in said 
packet header (FIG. 5; MASK CIRCUIT) 

Regarding claim 53, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses wherein said access control element 
further comprising: an access control memory (FIG. 5; CAM-1, CAM-2 or CAM-3). 

Regarding claim 54, in addition to features recited in claim 53 (see rationales 
discussed above), McAuley further discloses wherein said access control memory is a 
content-addressable memory (FIG. 5; CAM-1, CAM-2 or CAM-3). 

Regarding claim 55, in addition to features recited in claim 53 (see rationales 
discussed above), McAuley further discloses wherein said access control memory 
stores at least one of said access control specifier (FIG. 5; LOAD). 

Regarding claim 56, in addition to features recited in claim 53 (see rationales 
discussed above), McAuley further discloses wherein said access control specifier 
further comprising: 

a label match mask configured to determine whether a first corresponding bit of 
said one or more characteristics of said packet is tested (FIG. 5; LOAD); and 
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a label match pattern, wherein said label match pattern is compared with a 
second corresponding bit of said one or more characteristics of said packet (FIG. 5; 
101). 

Regarding claim 57, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses a processor, coupled to said access 
control element, said processor is configured to process said packet when said packet 
is not processed by said access control element {not shown; inherent to have 
processing mechanism in a switch). 

Regarding claim 58, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses at least one input port coupled to said 
access control element, wherein said input port is configured to receive said packet; and 
at least one output port coupled to said access control element, wherein said packet is 
forwarded via said out put port (not shown; inherent as part of FIG. 5 in order to receive 
and route packet). 

Regarding claim 59, in accordance with McAuley reference entirety, McAuley 
discloses a system for processing a packet comprising: 

means for matching one or more characteristics of said packet with one or more 
access control specifiers in at least one access control element (CAM-1 or CAM-2 or 
CAM-3); and 

means for processing said packet based on said matching (150). 
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Regarding claim 60, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said access control element is a 
content addressable memory (CAM-1 or CAM-2 or CAM-3). 

Regarding claim 61, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said matching and said 
processing is done in parallel (CAM-1 or CAM-2 or CAM-3). 

Regarding claim 62, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said characteristics of said packet 
comprises one or more of a source address, a destination address, a source port, a 
destination port, a protocol type, an input interface and an output interface (col. 6, line 
49 to col. 7, line 5). 

Regarding claim 63, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said characteristics of said packet 
comprises data carried by said packet in a packet header (co/. 6, line 49 to col. 7, line 
5). 

Regarding claim 64, in addition to features recited in claim 59 (see rationales discussed 
above), McAuley further discloses means for receiving said packet (not shown; inherent 
as part of FIG. 5 in order to receive and route packet). 

Regarding claim 65, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses means for identifying one or more of said 
access control specifiers based on said matching (FIG. 5; 150). 
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Regarding claim 66, in addition to features recited in claim 64 (see rationales 
discussed above), McAuley further discloses means for prioritizing said one or more of 
said access control specifiers identified based on said matching to generate a set of 
prioritized access control specifiers (FIG. 5; 150). 

Regarding claim 67, in addition to features recited in claim 66 (see rationales 
discussed above), McAuley further discloses wherein said prioritizing is done in parallel 
by a priority encoder (FIG. 5; 150). 

Regarding claim 68, in addition to features recited in claim 66 (see rationales 
discussed above), McAuley further discloses wherein said prioritizing is done based on 
an address of said access control specifiers in said access control element (FIG. 5; 
150). 

Regarding claim 69, in addition to features recited in claim 66 (see rationales 
discussed above), McAuley further discloses wherein said processing is done based on 
said set of prioritized access control specifiers (FIG. 5; 150). 

Regarding claim 70, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said processing further 
comprising: means for forwarding said packet to said higher-level processor if said 
packet requires processing by a higher-level processor (not shown; inherent to have 
processing mechanism in a switch). 

Regarding claim 72, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses means for forwarding said packet if said 
packet requires forwarding (FIG. 5; PORTB). 
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6. Claims 32-89 are rejected under 35 U.S.C. 102(a) as being anticipated by 
Alessandri {Access Control List Processing in Hardware, Diploma Thesis, pages 1-85, 
October 1997). 

Regarding claim 32, in accordance with Alessandri reference entirety, Alessandri 
discloses a method of processing a packet (Figure 4 or Figure 10) comprising: 

matching one or more characteristics {page 14, description pertaining Interface 
identifier or netflowlabel) of said packet with one or more access control specifiers in at 
least one access control element {page 13, section 3. 1 and description pertaining the 
comparison of CAM entries of the netflowlabel)] and 

processing said packet based on said matching {page 13, section 3.1 and 
description pertaining a match condition). 

Regarding claim 33, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said access control element is a 
content addressable memory (Figure 10). 

Regarding claim 34, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said matching and said 
processing is done in parallel {page 6, section 2.2. 1 and description pertaining filtering 
decision can be pipelined or page 14, first paragraph). 

Regarding claim 35, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said characteristics of said 
packet comprises one or more of a source address, a destination address, a source 
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port, a destination port, a protocol type, an input interface and an output interface (page 
14, description pertaining Interface identifier or netflowlabel). 

Regarding claim 36, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said characteristics of said 
packet comprises data carried by said packet in a packet header (page 14, description 
pertaining Interface identifier and netflowlabel). 

Regarding claim 37, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses receiving said packet (page 10, section 
1.0 and description pertaining packet forwarding). 

Regarding claim 38, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses identifying one or more of said access 
control specifiers based on said matching (page 14, first paragraph; "first match'). 

Regarding claim 39, in addition to features recited in claim 37 (see rationales 
discussed above), Alessandri further discloses prioritizing said one or more of said 
access control specifiers identified based on said matching to generate a set of 
prioritized access control specifiers (page 19, section 3.3.3, priority encoder). 

Regarding claim 40, in addition to features recited in claim 39 (see rationales 
discussed above), Alessandri further discloses wherein said prioritizing is done in 
parallel by a priority encoder (page 19, section 3.3.3, priority encoder). 

Regarding claim 41, in addition to features recited in claim 39 (see rationales 
discussed above), Alessandri further discloses wherein said prioritizing is done based 
on an address of said access control specifiers in said access control element. 
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Regarding claim 42, in addition to features recited in claim 39 (see rationales 
discussed above), Alessandri further discloses wherein said processing is done based 
on said set of prioritized access control specifiers (page 19, section 3.3.3, priority 
encoder). 

Regarding claim 43, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said processing further 
comprising: if said packet requires processing by a higher-level processor, forwarding 
said packet to said higher-level processor {page 4, Figure 2; CPU). 

Regarding claim 44, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses if said packet requires dropping, 
dropping said packet (page 4, Figure 2; Drop Port or page 5, Figure 3). 

Regarding claim 45, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses if said packet requires forwarding, 
forwarding said packet (page 4, Figure 2; Permit decision or page 5, Figure 3). 

Regarding claim 46, in accordance with Alessandri reference entirety, Alessandri 
discloses a system for processing a packet comprising: 

an access control element, wherein said access control element is configured to 
store one or more access control specifiers (page 19, Figure 16, CAM entries); and 

a priority encoder coupled to said access control element, wherein said priority 
encoder is configured to prioritize in parallel said one or more access control specifiers 
matched with one or more characteristics of said packet (page 19, section 3.3.3 and 
Figure 16). 
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Regarding claim 47, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses wherein said priority encoder is further 
configured to prioritize said one or more access control specifiers matched with said 
one or more characteristics of said packet according to an address of said one or more 
access control specifiers in said access control element (page 19, section 3.3.3 and 
Figure 16). 

Regarding claim 48, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses a compare unit coupled to said access 
control list, wherein said compare unit is configured to compare said one or more 
characteristics of said packet with one or more values (page 13, section 3. 1 and Figure 
10; AND-operation). 

Regarding claim 49, in addition to features recited in claim 48 (see rationales 
discussed above), Alessandri further discloses wherein said one or more values are 
predetermined (page 13, section 3.1 and Figure 10; netflowlabel or netflow mask). 

Regarding claim 50, in addition to features recited in claim 48 (see rationales 
discussed above), Alessandri further discloses wherein said one or more values are 
dynamically determined (page 13, section 3. 1 and Figure 10; netflowlabel or netflow 
mask). 

Regarding claim 51, in addition to features recited in claim 48 (see rationales 
discussed above), Alessandri further discloses wherein said compare unit is further 
configured to perform arithmetic operation on data carried by said packet in a packet 
header (page 13, section 3. 1; ANDoperation). 
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Regarding claim 52, in addition to features recited in claim 48 (see rationales 
discussed above), Alessandri further discloses wherein said compare unit is further 
configured to perform logical operation on said data carried by said packet in said 
packet header (page 13, section 3.1; AND-operation). 

Regarding claim 53, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses wherein said access control element 
further comprising: an access control memory {page 6, Figure 4; CAM). 

Regarding claim 54, in addition to features recited in claim 53 (see rationales 
discussed above), Alessandri further discloses wherein said access control memory is a 
content-addressable memory (page 6, Figure 4; CAM). 

Regarding claim 55, in addition to features recited in claim 53 (see rationales 
discussed above), Alessandri further discloses wherein said access control memory 
stores at least one of said access control specifier (page 13, Figure 10; CAM entries). 

Regarding claim 56, in addition to features recited in claim 53 (see rationales 
discussed above), Alessandri further discloses wherein said access control specifier 
further comprising: 

a label match mask (netflowlabel mask) configured to determine whether a first 
corresponding bit of said one or more characteristics of said packet is tested (page 13, 
section 3.1)] and 

a label match pattern (netflowlabel pattern), wherein said label match pattern is 
compared with a second corresponding bit of said one or more characteristics of said 
packet (page 13, section 3.1). 
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Regarding claim 57, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses a processor, coupled to said access 
control element, said processor is configured to process said packet when said packet 
is not processed by said access control element (page 5, Figure 3; CPU). 

Regarding claim 58, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses at least one input port coupled to said 
access control element, wherein said input port is configured to receive said packet; and 
at least one output port coupled to said access control element, wherein said packet is 
forwarded via said output port (page 5, Figure 3 and thereinafter). 

Regarding claim 59, in accordance with Alessandri reference entirety, Alessandri 
discloses a system for processing a packet comprising: 

means for matching one or more characteristics of said packet with one or more 
access control specifiers in at least one access control element (page 5, Figure 3; ACL 
and thereinafter); and 

means for processing said packet based on said matching (page 5, Figure 3; 
packet routing or forwarding). 

Regarding claim 60, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said access control element is a 
content addressable memory (page 13, section 3.0 and thereinafter). 

Regarding claim 61, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said matching and said 
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processing is done in parallel {page 6, section 2.2. 1; pipelined or page 14, section 3. 1; 
parallel). 

Regarding claim 62, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said characteristics of said 
packet comprises one or more of a source address, a destination address, a source 
port, a destination port, a protocol type, an input interface and an output interface (page 
14 and Figure 1 1; Interface identifier). 

Regarding claim 63, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said characteristics of said 
packet comprises data carried by said packet in a packet header {page 14; Figure 11). 

Regarding claim 64, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses means for receiving said packet (page 6, 
Figure 4; Input Interfaces). 

Regarding claim 65, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses means for identifying one or more of said 
access control specifiers based on said matching (page 13, Figure 10). 

Regarding claim 66, in addition to features recited in claim 64 (see rationales 
discussed above), Alessandri further discloses means for prioritizing said one or more 
of said access control specifiers identified based on said matching to generate a set of 
prioritized access control specifiers (page 19, section 3.3.3, Figure 16; priority encoder). 
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Regarding claim 67, in addition to features recited in claim 66 (see rationales 
discussed above), Alessandri further discloses wherein said prioritizing is done in 
parallel by a priority encoder {page 19, section 3.3.3, Figure 16; priority encoder). 

Regarding claim 68, in addition to features recited in claim 66 (see rationales 
discussed above), Alessandri further discloses wherein said prioritizing is done based 
on an address of said access control specifiers in said access control element (page 19, 
section 3.3.3, Figure 16; priority encoder). 

Regarding claim 69, in addition to features recited in claim 66 (see rationales 
discussed above), Alessandri further discloses wherein said processing is done based 
on said set of prioritized access control specifiers {page 19, section 3.3.3, Figure 16; 
priority encoder). 

Regarding claim 70, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said processing further 
comprising: means for forwarding said packet to said higher-level processor if said 
packet requires processing by a higher-level processor (page 5, Figure 3; CPU). 

Regarding claim 71, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses means for dropping said packet if said 
packet requires dropping (page 5, Figure 3; Drop Port). 

Regarding claim 72, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses means for forwarding said packet if said 
packet requires forwarding (page 5, Figure 3; Output Port or Routing decision). 
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Regarding claim 73, in accordance with Alessandri reference entirety, Alessandri 
discloses a system comprising: 

means for maintaining a set of access control patterns in at least one associative 
memory {page 5, Figure 3; ACL);, 

means for receiving a packet label responsive to a packet, said packet label 
being sufficient to perform access control processing for said packet (page 4, Figure 2, 
Input interface or page 5, Figure 3, input port); 

means for matching matchable information, said matchable information being 
responsible to said packet label, with said set of access control patterns in parallel 
{page 5, Figure 3; ACL processing device or page 13, Figure 10); 

means for generating a set of matches in response thereto, each said match 
having priority information associated therewith (page 5, Figure 3; permit/deny decision 
or page 13, Figure 10) ; 

means for selecting at least one of said matches in response to said priority 
information, and generating an access result in response to said at least one selected 
match (page 5, Figure 3; first demux); and 

means for making a routing decision in response to said access result (page 5, 
Figure 3; routing decision or overwrite routing decision). 

Regarding claim 74, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for choosing a first one of said 
matches (page 19, Figure 16; priority encoder). 
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Regarding claim 75, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for determining an output 
interface for said packet (page 5, Figure 3; output interface or page 13 or 19, Figure 16 
or Figure 19; CAM output). 

Regarding claim 76, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for implementing a quality of 
service policy {page 14, Figure 13). 

Regarding claim 77, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for permitting or denying access 
for said packet (page 14, Figure 12; PermDrop). 

Regarding claim 78, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for making a preliminary routing 
decision for said packet (page 14, Figure 12; CPU). 

Regarding claim 79, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for determining at least one 
output interface for said packet (page 5, Figure 3; output interface or page 13 or 19, 
Figure 16 or Figure 19; CAM output). 

Regarding claim 80, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for preprocessing said packet 
label (page 13, Figure 10; input of CAM or page 19, Figure 16; input preprocessing)] 
and means for generating said matchable information (page 13, Figure 10; CAM 
output). 
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Regarding claim 81, in addition to features recited in claim 79 (see rationales 
discussed above), Alessandri further discloses means for performing one or more of an 
arithmetic, logical, and comparison operation on said packet label (page 13, Figure 10; 
AND-operation)\ and 

means for generating a bit string for said matchable information in response to 
said arithmetic, logical, and comparison operation (page 13, Figure 10; CAM entries). 

Regarding claim 82, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for comparing a field of said 
packet label with an arithmetic range or mask value (page 13, Figure 10; AND-operation 
between netflowlabel pattern and netflowlabel mask). 

Regarding claim 83, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for comparing a source IP port 
value or a destination IP port value with a selected port value (page 13, Figure 10). 

Regarding claim 84, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for postprocessing said selected 
match to generate said access result (page 19, Figure 16; priority encoder). 

Regarding claim 85, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for accessing a memory in 
response to a bitstring included in said selected match (page 5, Figure 3; ACL 
processing device or page 19, Figure 16; output memory). 
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Regarding claim 86, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for declaring whether to permit or 
deny access of a set of packets (page 5, Figure 3, permit/deny decision). 

Regarding claim 87, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for receiving a sequence of 
access control specifiers {page 5, Figure 3; ACL processing device)] 

means for translating said sequence of access control specifiers into said 
sequence of access control patterns {page 5, Figure 3; ACL processing device)] and 

means for storing said sequence of access control patterns in said associative 
memory (page 5, Figure 3; ACL processing device). 

Regarding claim 88, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for generating a single one of 
said access control patterns in response to a plurality of said access control specifiers 
(page 5, Figure 3; ACL processing device or page 13, Figure 10; CAM). 

Regarding claim 89, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for generating a single one of 
said access control patterns in response to a plurality of said access control specifiers 
page 5, Figure 3; ACL processing device or page 13, Figure 10; CAM). 

Conclusion 

7. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 
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Muller et al (USP 5,938,736). 
Feldmeier (USP 5,920,886). 
Spinney (USP 5,414,704). 

Miei et al, Parallelization of IP-Packet Filter Rules, IEEE, pages 381-388, 1997. 
8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Frank Duong whose telephone number is (703) 308- 
5428. The examiner can normally be reached on 7:00AM-3:30PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Seema Rao can be reached on (703) 308-5463. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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